mirror of
https://github.com/KeygraphHQ/shannon.git
synced 2026-06-03 14:08:06 +02:00
feat: typescript migration (#40)
* chore: initialize TypeScript configuration and build setup - Add tsconfig.json for root and mcp-server with strict type checking - Install typescript and @types/node as devDependencies - Add npm build script for TypeScript compilation - Update main entrypoint to compiled dist/shannon.js - Update Dockerfile to build TypeScript before running - Configure output directory and module resolution for Node.js * refactor: migrate codebase from JavaScript to TypeScript - Convert all 37 JavaScript files to TypeScript (.js -> .ts) - Add type definitions in src/types/ for agents, config, errors, session - Update mcp-server with proper TypeScript types - Move entry point from shannon.mjs to src/shannon.ts - Update tsconfig.json with rootDir: "./src" for cleaner dist output - Update Dockerfile to build TypeScript before runtime - Update package.json paths to use compiled dist/shannon.js No runtime behavior changes - pure type safety migration. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: update CLI references from ./shannon.mjs to shannon - Update help text in src/cli/ui.ts - Update usage examples in src/cli/command-handler.ts - Update setup message in src/shannon.ts - Update CLAUDE.md documentation with TypeScript file structure - Replace all ./shannon.mjs references with shannon command 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: remove unnecessary eslint-disable comments ESLint is not configured in this project, making these comments redundant. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
ezl-keygraph
@@ -7,18 +7,48 @@
|
||||
import chalk from 'chalk';
|
||||
import {
|
||||
selectSession, deleteSession, deleteAllSessions,
|
||||
validateAgent, validatePhase, reconcileSession
|
||||
validateAgent, validatePhase, reconcileSession, getSession
|
||||
} from '../session-manager.js';
|
||||
import type { Session } from '../session-manager.js';
|
||||
import {
|
||||
runPhase, runAll, rollbackTo, rerunAgent, displayStatus, listAgents
|
||||
} from '../checkpoint-manager.js';
|
||||
import type { AgentResult } from '../checkpoint-manager.js';
|
||||
import { logError, PentestError } from '../error-handling.js';
|
||||
import { promptConfirmation } from './prompts.js';
|
||||
import type { ChalkInstance } from 'chalk';
|
||||
import type { SessionMetadata } from '../audit/utils.js';
|
||||
import type { DistributedConfig } from '../types/config.js';
|
||||
|
||||
// Types for callback functions
|
||||
type RunClaudePromptWithRetry = (
|
||||
prompt: string,
|
||||
sourceDir: string,
|
||||
allowedTools: string,
|
||||
context: string,
|
||||
description: string,
|
||||
agentName: string | null,
|
||||
colorFn: ChalkInstance,
|
||||
sessionMetadata: SessionMetadata | null
|
||||
) => Promise<AgentResult>;
|
||||
|
||||
type LoadPrompt = (
|
||||
promptName: string,
|
||||
variables: { webUrl: string; repoPath: string },
|
||||
config: DistributedConfig | null,
|
||||
pipelineTestingMode: boolean
|
||||
) => Promise<string>;
|
||||
|
||||
// Developer command handlers
|
||||
export async function handleDeveloperCommand(command, args, pipelineTestingMode, runClaudePromptWithRetry, loadPrompt) {
|
||||
export async function handleDeveloperCommand(
|
||||
command: string,
|
||||
args: string[],
|
||||
pipelineTestingMode: boolean,
|
||||
runClaudePromptWithRetry: RunClaudePromptWithRetry,
|
||||
loadPrompt: LoadPrompt
|
||||
): Promise<void> {
|
||||
try {
|
||||
let session;
|
||||
let session: Session | null;
|
||||
|
||||
// Commands that don't require session selection
|
||||
if (command === '--list-agents') {
|
||||
@@ -55,7 +85,7 @@ export async function handleDeveloperCommand(command, args, pipelineTestingMode,
|
||||
if (command === '--run-phase') {
|
||||
if (!args[0]) {
|
||||
console.log(chalk.red('❌ --run-phase requires a phase name'));
|
||||
console.log(chalk.gray('Usage: ./shannon.mjs --run-phase <phase-name>'));
|
||||
console.log(chalk.gray('Usage: shannon --run-phase <phase-name>'));
|
||||
process.exit(1);
|
||||
}
|
||||
validatePhase(args[0]); // This will throw PentestError if invalid
|
||||
@@ -64,7 +94,7 @@ export async function handleDeveloperCommand(command, args, pipelineTestingMode,
|
||||
if (command === '--rollback-to' || command === '--rerun') {
|
||||
if (!args[0]) {
|
||||
console.log(chalk.red(`❌ ${command} requires an agent name`));
|
||||
console.log(chalk.gray(`Usage: ./shannon.mjs ${command} <agent-name>`));
|
||||
console.log(chalk.gray(`Usage: shannon ${command} <agent-name>`));
|
||||
process.exit(1);
|
||||
}
|
||||
validateAgent(args[0]); // This will throw PentestError if invalid
|
||||
@@ -74,7 +104,8 @@ export async function handleDeveloperCommand(command, args, pipelineTestingMode,
|
||||
try {
|
||||
session = await selectSession();
|
||||
} catch (error) {
|
||||
console.log(chalk.red(`❌ ${error.message}`));
|
||||
const errMsg = error instanceof Error ? error.message : String(error);
|
||||
console.log(chalk.red(`❌ ${errMsg}`));
|
||||
process.exit(1);
|
||||
}
|
||||
|
||||
@@ -94,17 +125,22 @@ export async function handleDeveloperCommand(command, args, pipelineTestingMode,
|
||||
}
|
||||
|
||||
// Reload session after reconciliation to get fresh state
|
||||
const { getSession } = await import('../session-manager.js');
|
||||
session = await getSession(session.id);
|
||||
} catch (error) {
|
||||
// Reconciliation failure is non-critical, but log warning
|
||||
console.log(chalk.yellow(`⚠️ Failed to reconcile session with audit logs: ${error.message}`));
|
||||
const errMsg = error instanceof Error ? error.message : String(error);
|
||||
console.log(chalk.yellow(`⚠️ Failed to reconcile session with audit logs: ${errMsg}`));
|
||||
}
|
||||
|
||||
if (!session) {
|
||||
console.log(chalk.red('❌ Session not found after reconciliation'));
|
||||
process.exit(1);
|
||||
}
|
||||
|
||||
switch (command) {
|
||||
|
||||
case '--run-phase':
|
||||
await runPhase(args[0], session, pipelineTestingMode, runClaudePromptWithRetry, loadPrompt);
|
||||
await runPhase(args[0]!, session, pipelineTestingMode, runClaudePromptWithRetry, loadPrompt);
|
||||
break;
|
||||
|
||||
case '--run-all':
|
||||
@@ -112,11 +148,11 @@ export async function handleDeveloperCommand(command, args, pipelineTestingMode,
|
||||
break;
|
||||
|
||||
case '--rollback-to':
|
||||
await rollbackTo(args[0], session);
|
||||
await rollbackTo(args[0]!, session);
|
||||
break;
|
||||
|
||||
case '--rerun':
|
||||
await rerunAgent(args[0], session, pipelineTestingMode, runClaudePromptWithRetry, loadPrompt);
|
||||
await rerunAgent(args[0]!, session, pipelineTestingMode, runClaudePromptWithRetry, loadPrompt);
|
||||
break;
|
||||
|
||||
case '--status':
|
||||
@@ -133,11 +169,12 @@ export async function handleDeveloperCommand(command, args, pipelineTestingMode,
|
||||
await logError(error, `Developer command ${command}`);
|
||||
console.log(chalk.red.bold(`\n🚨 Command failed: ${error.message}`));
|
||||
} else {
|
||||
console.log(chalk.red.bold(`\n🚨 Unexpected error: ${error.message}`));
|
||||
if (process.env.DEBUG) {
|
||||
const errMsg = error instanceof Error ? error.message : String(error);
|
||||
console.log(chalk.red.bold(`\n🚨 Unexpected error: ${errMsg}`));
|
||||
if (process.env.DEBUG && error instanceof Error) {
|
||||
console.log(chalk.gray(error.stack));
|
||||
}
|
||||
}
|
||||
process.exit(1);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -6,8 +6,14 @@
|
||||
|
||||
import { fs, path } from 'zx';
|
||||
|
||||
interface ValidationResult {
|
||||
valid: boolean;
|
||||
error?: string;
|
||||
path?: string;
|
||||
}
|
||||
|
||||
// Helper function: Validate web URL
|
||||
export function validateWebUrl(url) {
|
||||
export function validateWebUrl(url: string): ValidationResult {
|
||||
try {
|
||||
const parsed = new URL(url);
|
||||
if (!['http:', 'https:'].includes(parsed.protocol)) {
|
||||
@@ -17,16 +23,16 @@ export function validateWebUrl(url) {
|
||||
return { valid: false, error: 'Web URL must have a valid hostname' };
|
||||
}
|
||||
return { valid: true };
|
||||
} catch (error) {
|
||||
} catch {
|
||||
return { valid: false, error: 'Invalid web URL format' };
|
||||
}
|
||||
}
|
||||
|
||||
// Helper function: Validate local repository path
|
||||
export async function validateRepoPath(repoPath) {
|
||||
export async function validateRepoPath(repoPath: string): Promise<ValidationResult> {
|
||||
try {
|
||||
// Check if path exists
|
||||
if (!await fs.pathExists(repoPath)) {
|
||||
if (!(await fs.pathExists(repoPath))) {
|
||||
return { valid: false, error: 'Repository path does not exist' };
|
||||
}
|
||||
|
||||
@@ -39,7 +45,7 @@ export async function validateRepoPath(repoPath) {
|
||||
// Check if it's readable
|
||||
try {
|
||||
await fs.access(repoPath, fs.constants.R_OK);
|
||||
} catch (error) {
|
||||
} catch {
|
||||
return { valid: false, error: 'Repository path is not readable' };
|
||||
}
|
||||
|
||||
@@ -47,6 +53,7 @@ export async function validateRepoPath(repoPath) {
|
||||
const absolutePath = path.resolve(repoPath);
|
||||
return { valid: true, path: absolutePath };
|
||||
} catch (error) {
|
||||
return { valid: false, error: `Invalid repository path: ${error.message}` };
|
||||
const errMsg = error instanceof Error ? error.message : String(error);
|
||||
return { valid: false, error: `Invalid repository path: ${errMsg}` };
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -9,13 +9,11 @@ import { PentestError } from '../error-handling.js';
|
||||
|
||||
/**
|
||||
* Prompt user for yes/no confirmation
|
||||
* @param {string} message - Question to display
|
||||
* @returns {Promise<boolean>} true if confirmed, false otherwise
|
||||
*/
|
||||
export async function promptConfirmation(message) {
|
||||
export async function promptConfirmation(message: string): Promise<boolean> {
|
||||
const readline = createInterface({
|
||||
input: process.stdin,
|
||||
output: process.stdout
|
||||
output: process.stdout,
|
||||
});
|
||||
|
||||
return new Promise((resolve) => {
|
||||
@@ -29,23 +27,15 @@ export async function promptConfirmation(message) {
|
||||
|
||||
/**
|
||||
* Prompt user to select from numbered list
|
||||
* @param {string} message - Selection prompt
|
||||
* @param {Array} items - Items to choose from
|
||||
* @returns {Promise<any>} Selected item
|
||||
* @throws {PentestError} If invalid selection
|
||||
*/
|
||||
export async function promptSelection(message, items) {
|
||||
export async function promptSelection<T>(message: string, items: T[]): Promise<T> {
|
||||
if (!items || items.length === 0) {
|
||||
throw new PentestError(
|
||||
'No items available for selection',
|
||||
'validation',
|
||||
false
|
||||
);
|
||||
throw new PentestError('No items available for selection', 'validation', false);
|
||||
}
|
||||
|
||||
const readline = createInterface({
|
||||
input: process.stdin,
|
||||
output: process.stdout
|
||||
output: process.stdout,
|
||||
});
|
||||
|
||||
return new Promise((resolve, reject) => {
|
||||
@@ -54,14 +44,16 @@ export async function promptSelection(message, items) {
|
||||
|
||||
const choice = parseInt(answer);
|
||||
if (isNaN(choice) || choice < 1 || choice > items.length) {
|
||||
reject(new PentestError(
|
||||
`Invalid selection. Please enter a number between 1 and ${items.length}`,
|
||||
'validation',
|
||||
false,
|
||||
{ choice: answer }
|
||||
));
|
||||
reject(
|
||||
new PentestError(
|
||||
`Invalid selection. Please enter a number between 1 and ${items.length}`,
|
||||
'validation',
|
||||
false,
|
||||
{ choice: answer }
|
||||
)
|
||||
);
|
||||
} else {
|
||||
resolve(items[choice - 1]);
|
||||
resolve(items[choice - 1]!);
|
||||
}
|
||||
});
|
||||
});
|
||||
@@ -1,67 +0,0 @@
|
||||
// Copyright (C) 2025 Keygraph, Inc.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU Affero General Public License version 3
|
||||
// as published by the Free Software Foundation.
|
||||
|
||||
import chalk from 'chalk';
|
||||
import { displaySplashScreen } from '../splash-screen.js';
|
||||
|
||||
// Helper function: Display help information
|
||||
export function showHelp() {
|
||||
console.log(chalk.cyan.bold('AI Penetration Testing Agent'));
|
||||
console.log(chalk.gray('Automated security assessment tool\n'));
|
||||
|
||||
console.log(chalk.yellow.bold('NORMAL MODE (Creates Sessions):'));
|
||||
console.log(' ./shannon.mjs <WEB_URL> <REPO_PATH> [--config config.yaml] [--pipeline-testing]');
|
||||
console.log(' ./shannon.mjs <WEB_URL> <REPO_PATH> --setup-only # Setup local repo and create session only\n');
|
||||
|
||||
console.log(chalk.yellow.bold('DEVELOPER MODE (Operates on Existing Sessions):'));
|
||||
console.log(' ./shannon.mjs --run-phase <phase-name> [--pipeline-testing]');
|
||||
console.log(' ./shannon.mjs --run-all [--pipeline-testing]');
|
||||
console.log(' ./shannon.mjs --rollback-to <agent-name>');
|
||||
console.log(' ./shannon.mjs --rerun <agent-name> [--pipeline-testing]');
|
||||
console.log(' ./shannon.mjs --status');
|
||||
console.log(' ./shannon.mjs --list-agents');
|
||||
console.log(' ./shannon.mjs --cleanup [session-id] # Delete sessions\n');
|
||||
|
||||
console.log(chalk.yellow.bold('OPTIONS:'));
|
||||
console.log(' --config <file> YAML configuration file for authentication and testing parameters');
|
||||
console.log(' --pipeline-testing Use minimal prompts for fast pipeline testing (creates minimal deliverables)');
|
||||
console.log(' --disable-loader Disable the animated progress loader (useful when logs interfere with spinner)\n');
|
||||
|
||||
console.log(chalk.yellow.bold('DEVELOPER COMMANDS:'));
|
||||
console.log(' --run-phase Run all agents in a phase (parallel execution for 5x speedup)');
|
||||
console.log(' --run-all Run all remaining agents to completion (parallel execution)');
|
||||
console.log(' --rollback-to Rollback git workspace to agent checkpoint');
|
||||
console.log(' --rerun Rollback and rerun specific agent');
|
||||
console.log(' --status Show current session status and progress');
|
||||
console.log(' --list-agents List all available agents and phases');
|
||||
console.log(' --cleanup Delete all sessions or specific session by ID\n');
|
||||
|
||||
console.log(chalk.yellow.bold('EXAMPLES:'));
|
||||
console.log(' # Normal mode - create new session');
|
||||
console.log(' ./shannon.mjs "https://example.com" "/path/to/local/repo"');
|
||||
console.log(' ./shannon.mjs "https://example.com" "/path/to/local/repo" --config auth.yaml');
|
||||
console.log(' ./shannon.mjs "https://example.com" "/path/to/local/repo" --setup-only # Setup only\n');
|
||||
|
||||
console.log(' # Developer mode - operate on existing session');
|
||||
console.log(' ./shannon.mjs --status # Show session status');
|
||||
console.log(' ./shannon.mjs --run-phase exploitation # Run entire phase');
|
||||
console.log(' ./shannon.mjs --run-all # Run all remaining agents');
|
||||
console.log(' ./shannon.mjs --rerun xss-vuln # Fix and rerun failed agent');
|
||||
console.log(' ./shannon.mjs --cleanup # Delete all sessions');
|
||||
console.log(' ./shannon.mjs --cleanup <session-id> # Delete specific session\n');
|
||||
|
||||
console.log(chalk.yellow.bold('REQUIREMENTS:'));
|
||||
console.log(' • WEB_URL must start with http:// or https://');
|
||||
console.log(' • REPO_PATH must be an accessible local directory');
|
||||
console.log(' • Only test systems you own or have permission to test');
|
||||
console.log(' • Developer mode requires existing pentest session\n');
|
||||
|
||||
console.log(chalk.yellow.bold('ENVIRONMENT VARIABLES:'));
|
||||
console.log(' PENTEST_MAX_RETRIES Number of retries for AI agents (default: 3)');
|
||||
}
|
||||
|
||||
// Export the splash screen function for use in main
|
||||
export { displaySplashScreen };
|
||||
@@ -0,0 +1,81 @@
|
||||
// Copyright (C) 2025 Keygraph, Inc.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU Affero General Public License version 3
|
||||
// as published by the Free Software Foundation.
|
||||
|
||||
import chalk from 'chalk';
|
||||
import { displaySplashScreen } from '../splash-screen.js';
|
||||
|
||||
// Helper function: Display help information
|
||||
export function showHelp(): void {
|
||||
console.log(chalk.cyan.bold('AI Penetration Testing Agent'));
|
||||
console.log(chalk.gray('Automated security assessment tool\n'));
|
||||
|
||||
console.log(chalk.yellow.bold('NORMAL MODE (Creates Sessions):'));
|
||||
console.log(
|
||||
' shannon <WEB_URL> <REPO_PATH> [--config config.yaml] [--pipeline-testing]'
|
||||
);
|
||||
console.log(
|
||||
' shannon <WEB_URL> <REPO_PATH> --setup-only # Setup local repo and create session only\n'
|
||||
);
|
||||
|
||||
console.log(chalk.yellow.bold('DEVELOPER MODE (Operates on Existing Sessions):'));
|
||||
console.log(' shannon --run-phase <phase-name> [--pipeline-testing]');
|
||||
console.log(' shannon --run-all [--pipeline-testing]');
|
||||
console.log(' shannon --rollback-to <agent-name>');
|
||||
console.log(' shannon --rerun <agent-name> [--pipeline-testing]');
|
||||
console.log(' shannon --status');
|
||||
console.log(' shannon --list-agents');
|
||||
console.log(' shannon --cleanup [session-id] # Delete sessions\n');
|
||||
|
||||
console.log(chalk.yellow.bold('OPTIONS:'));
|
||||
console.log(
|
||||
' --config <file> YAML configuration file for authentication and testing parameters'
|
||||
);
|
||||
console.log(
|
||||
' --pipeline-testing Use minimal prompts for fast pipeline testing (creates minimal deliverables)'
|
||||
);
|
||||
console.log(
|
||||
' --disable-loader Disable the animated progress loader (useful when logs interfere with spinner)\n'
|
||||
);
|
||||
|
||||
console.log(chalk.yellow.bold('DEVELOPER COMMANDS:'));
|
||||
console.log(
|
||||
' --run-phase Run all agents in a phase (parallel execution for 5x speedup)'
|
||||
);
|
||||
console.log(' --run-all Run all remaining agents to completion (parallel execution)');
|
||||
console.log(' --rollback-to Rollback git workspace to agent checkpoint');
|
||||
console.log(' --rerun Rollback and rerun specific agent');
|
||||
console.log(' --status Show current session status and progress');
|
||||
console.log(' --list-agents List all available agents and phases');
|
||||
console.log(' --cleanup Delete all sessions or specific session by ID\n');
|
||||
|
||||
console.log(chalk.yellow.bold('EXAMPLES:'));
|
||||
console.log(' # Normal mode - create new session');
|
||||
console.log(' shannon "https://example.com" "/path/to/local/repo"');
|
||||
console.log(' shannon "https://example.com" "/path/to/local/repo" --config auth.yaml');
|
||||
console.log(
|
||||
' shannon "https://example.com" "/path/to/local/repo" --setup-only # Setup only\n'
|
||||
);
|
||||
|
||||
console.log(' # Developer mode - operate on existing session');
|
||||
console.log(' shannon --status # Show session status');
|
||||
console.log(' shannon --run-phase exploitation # Run entire phase');
|
||||
console.log(' shannon --run-all # Run all remaining agents');
|
||||
console.log(' shannon --rerun xss-vuln # Fix and rerun failed agent');
|
||||
console.log(' shannon --cleanup # Delete all sessions');
|
||||
console.log(' shannon --cleanup <session-id> # Delete specific session\n');
|
||||
|
||||
console.log(chalk.yellow.bold('REQUIREMENTS:'));
|
||||
console.log(' • WEB_URL must start with http:// or https://');
|
||||
console.log(' • REPO_PATH must be an accessible local directory');
|
||||
console.log(' • Only test systems you own or have permission to test');
|
||||
console.log(' • Developer mode requires existing pentest session\n');
|
||||
|
||||
console.log(chalk.yellow.bold('ENVIRONMENT VARIABLES:'));
|
||||
console.log(' PENTEST_MAX_RETRIES Number of retries for AI agents (default: 3)');
|
||||
}
|
||||
|
||||
// Export the splash screen function for use in main
|
||||
export { displaySplashScreen };
|
||||
Reference in New Issue
Block a user